Note: The following features are not added to Internal Audit Management by default. For information on adding these features to your version of the app, contact your CSM.
Improved Connection Between the Internal Audit & Risk Management Apps
- Improved integration between the Internal Audit and Risk Management apps makes it easier for audit teams to identify high-risk areas to drive their annual audit plans, while also offering the risk team full visibility to final audit risk reports.
- The Internal Audit team can view an Risk Management heat map that plots Inherent Risk and Control Effectiveness. Risks with high inherent risk and control effectiveness scores can be targeted to confirm the risk owner or risk teams' claims that there are strong controls in place to mitigate that risk.
- When an audit project is complete, the risk team is now automatically notified via email. Through the new Risk Team Summary activity, they can review final audit reports as well as all issues identified by Internal Audit. Additionally, the risk team can view the final Audit Report and Findings Summary to review the identified issues (by risk) and all control testing results for each audit. These reports allow the risk team to link an audit issue to a risk or control within the Risk Management assessment to support their conclusions, as well as review assessments of individual controls by the audit team to compare to their assessments.
Trending on Auditable Entity Assessments
- Users can now see the historical results for each entity's risk assessment, which will help inform their decisions on subsequent assessments. This also enables audit teams to identify areas of the business that should be audited due to increasing levels of risk.
- The Internal Audit team will now be able to view the auditable entity's overall risk score for past years and/or quarters.
Note: Trending data is available for existing organizations from Version 3.0 and onwards. For new customers going live with Version 3.0 or later, trending data will be available from the go-live date onwards.
Process Improvements for Audit Clients
- Audits are now a more transparent and streamlined process for auditees and audit clients. When an audit begins, the assigned audit client will receive an email notification and can then view key dates, objective, scope, approach, background, and all other important audit details (similar to an Engagement Letter). Both during and after an audit, audit clients will have access to a focused portal where they can manage documentation requests, issues, and corrective actions, as well as view the final audit report.
Formatted Text for Narratives, Summaries & Walkthroughs
- To help audit teams provide clear communications and capture important info to support their conclusions, the following fields now support rich text formatting:
- Process Narrative: Lists all key activities and actions within a process from start to finish.
- Walkthrough Summary: Notes the key steps performed by the audit team in reviewing a process end-to-end.
- Testing Summary (available on both Controls and Tests): Describes the results of all test procedures perform for one or several audit tests.
- Multiple improvements to the UI have been implemented to enhance the user experience. These improvements include:
- Colored cells for select lists and formulas in all reports are now displayed as colored ovals.
- Design improvements on the Inherent Risk, Control Effectiveness, and Residual Risks formula cards.
- It is now possible to view more detailed information in a pallet from the Auditable Entity Risk Assessments and the Risk and Control Matrix by Audit data grids. For the assessments data grid, clicking theicon in the Auditable Entity Name column will display the entity profile and allow you to initiate the workflow. For the matrix, clicking theicon in the Process, Risks, Controls, or Test Name column will display all details on a particular object and allow you to initiate the workflow.
Internal Audit Administrator User Group
- A new user group provides complete access to the Internal Audit app with the ability to:
- Access all object types in the app, with edit, manage, and delete permissions.
- Perform all necessary workflow transitions in the app, such as returning a completed audit back to reporting or moving an audit from fieldwork back to planning, etc.
- View streamlined forms that contain all relevant audit-related information.
- Override or change data when other users are stuck.
Note: Regular users of the app should only be assigned to this user group on an as-needed, temporary basis. Should a user need to be assigned to this group to make changes to the application, contact Resolver Support or a user with system administrator access.
PDF Headers on Reports
- It's now possible to add titles and company logos to the PDF versions of the following reports:
- Final Audit Report
- Audit Committee Summary
- Audit Plan
- Audit Status Report
Contact Resolver Support or your CSM should you wish to include headers to your PDF reports.
- All objects and assessments marked as Archived can now only be viewed by an Internal Audit Administrator.
- Issues cannot be closed unless all associated corrective actions are complete.
- An automated process closes all related corrective actions when the issue is archived.
- Archived data is omitted from views, reports, and relationship tables, to ensure only relevant data is displayed.
Further Alignment with Industry Best Practices
- Improved Final Audit Report with revised sections, page breaks, and an additional visualization of Issues by Risk area.
- Improved in-app guidance to further align and industry best practices, including embedded performance standards from the Institute of Internal Auditors' (IIA) International Professional Practices Framework (IPPF).
- Improved Budget to Actual tracking per audit, including a formula to show current status (under budget, on budget, or over budget).
- Additional fields on the audit to capture the planned quarter of execution and attachments at the audit level (for an engagement letter, policy, terms of reference, etc.).